Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    We were alerted to a scam that is currently found on Facebook. It’s worth noting that this scam uses the mobile messaging app WhatsApp. Users may encounter this scam via Facebook notification requests or contacts’ “Likes”.

    The scam takes off like a typical scam: users are redirected to a fake WhatsApp Facebook page that requires users’ permissions. Once app permission request is granted, it displays other Facebook users, usually victims’ own contacts, who are supposedly using the WhatsApp app.

    Interestingly, users are lead to a user’s agreement page that appears to target mobile users. The page contains icons of different mobile device OS to appear legitimate.

    When users agree and gives permission to the said app, they are then lead to different pages, which vary depending on the victim’s location. For users located in countries such as the United States, Australia, New Zealand, Germany, and Great Britian, they are lead to a fake Starbucks giftcard page. Those who are not located in any of these countries are lead to a different page containing an image.

    We have previously reported fake Android app pages that spoof popular mobile apps like Instagram, Farm Frenzy, and Angry Birds Space. But this new scam suggests that it won’t be long before we see links to fake Android apps spreading on Facebook.

    Trend Micro protects users from this threat via the Smart Protection Network™, preventing access to the site survey scams. Because of its more than 900 million users, Facebook is a natural target of scams such as this incident. To know more on how to protect yourself from these threats, in particular survey scams, you may read our FAQ entry Survey Scams Aimed at Social Networking Netizens.

    Update as of August 23, 2012 10:47 AM, PST

    We also spotted an app in Facebook named Whatsapp Messenger, which can access a user’s friends’ contact information. Upon checking, it leads to another fake app named Temple Run V.2 for Facebook. When the user clicks on play, it automatically sends requests to the affected Facebook user’s friends list, thus spreading the scam. Trend Micro already blocks this threat.

    Coming Soon: The TrendLabs Security Intelligence Blog will be the new Malware Blog

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    • paulp

      vlambie, the detection name you mentioned is not related to this post. The apps here can be found in Facebook. Good thing that your downloaded fake Android app is detected by TM Mobile Security. BTW, that malware on your phone is known for premium service abuser, as it sends messages to premium numbers, leaving affected users with unwanted charges. Hope that helps, thanks.

    • vlambie

      Trend Micro Mobile Security for Android just detected WhatsApp as “AndroidOS_SMSSender.D” on my phone. Is that related to the threat you mention here?


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice